I thought this was possible but after testing I am seeing that the local user just gets saved as the <username> (thus requiring a new code) and the AD user is saved as <domain>/<username>
You can check under the TOTP Authentication Server > Users
... View more

Unfortunately, this is not possible. Once you select Anonymous, you really can't pass in a username to be used against the Google Auth.
I understand your concern but we have many customers doing this. They create a web ACL so only the reset application is accessible. Also, that isn't useable unless the end user knows his security. You can also add some more checks and only allow access during work hours, etc.
... View more

Assuming they can connect (just bear with me here), how would they do the domain reset? Would they do this via some security challenge?
One of the things that can be done is to set up a sign in policy/realm that does an Anonymous connection back to the application you are using to the reset. End user gets presented with the challenge and they take care of the reset.
If you want to see this in action, send me a direct message and we'll set up a confcall and I'll show you how it's done.
... View more

Claston, this is something your IT team has configured and they haven't include the reason or custom instructions as to how to get your computer in compliance. Please reach out to your IT team.
... View more

Hi,
You can turn on password management. See https://docs.pulsesecure.net/WebHelp/PCS/8.3R3/Content/PCS/PCS_AdminGuide_8.3/Using_the_LDAP_Password_Management.htm
You'll basically need to create an LDAP server under Auth Servers and point it to your AD server. Then at Realm level, you can enable Password Management under Authentication Policy > Password:
Regards,
... View more

Maybe you have a setting that the user needs to change their password on first login first. Can you create a test user, go PPS in a browser on a working computer, log in the first time and see if it wants a password change?
... View more

Hi, which ESAP version are you using? The latest is 3.2.9.
Also, are you sure it's LiveSafe and not another product? I don't see anything past 16 on McAfee website and we support 16. I see version 21 for other McAfee products like AllAccess, AntiVirus Plus, Interent Secure, etc, all of which we support.
... View more

You can find some settings like connection sets here:
/Library/Application Support/Pulse Secure/Pulse
You can also find some connection info here:
~/ Library/Application Support/Pulse Secure/SetupClient
... View more

Hi Dominik , Can you go to the connection, then click the "..." to get into the connection settings? Do you see Authentication as certificate? if you click into that, and then Certificate, do you see any certficates installed? Also, if you go to iOS Settings > General, if you scroll down after iTunes Wi-Fi Sync and VPN, you may see "Profiles & Device Management". Do you see any configuration profiles which contain the cert you want to use? If not, how did you get the cert on your device? Regards
... View more

Can you share the "Advanced Connection Details" under File once you connect from your desktop? You may be connected but the tunnel type or encryption method may not be supported. It would also be helpful to include ipconfig (or ifconfig) output to see your IP addresses etc.
... View more

Hi Jan, If you jsut want to do it using PCS, you can create a single connection with multiple server URLs. Go to Users > Pulse Secure Client > Connections. Then to a connect set and scroll down to a connection and click it. You'll see the following: You can uncheck the first option that says "Connect to URL of this server only" and then add your server URLs in the second box. You can also configure some behavior using the next two options. Hope this helps. Regards
... View more

Re: My internet connection hangs

This same exact question (same wording) was asking about a year ago. Is this the same issue? In that issue, one of replies says to wait a few minutes and it'll work. How long have you tried waiting before rebooting? We have no known issue like this so would like some more info.
... View more

As noted in the doc, vTM is recommended if you're deploying an A/A cluster. You may need to buy a license. How many licenses do you need and where are you located? Accenture is a customer so you may already have most of the things you need. You can send me a private message and I'll let you know who we work with at Accenture.
... View more

Hi Vinod, We do have a Pulse Connect Secure (PCS) appliance for AWS. You would get it and download it from us directly. We will be putting it in the AWS Marketplace soon. Documentation on how to deploy it is here: https://www.pulsesecure.net/download/techpubs/current/1221/pulse-connect-secure/pcs/9.0rx/ps-pcs-9.0r1-aws-deployment-guide.pdf Regards
... View more

Has your admin setup location awareness and it is trying to auto-connect? This is a configurable option. If you have it configured and don't want it to work like that, you may need to talk to IT. They may have a reason for wanting it to behave like this, or it is just mis-configured.
... View more

Is your IT team mentioniong other folks are seeing the same issue? I've attached a quick write-up on some troubleshooting steps. Can you also send your tunnel connection Advanced Details (File > Connections > Advanced Connection Details...)? Here's mine now:
... View more

Have you installed any persistent routes on that system? You can do a "route print" to see if there is anything under persistent routes. Or, has the admin configured any split-tunneling rules that may be causing a conflict?
... View more

Are you seeing anything in the User logs? I am wondering if it is not talking to PCS at all, or if it talking to PCS but is not agreeing on how to connect. Do you have active support? If so, please call in and we'd be happy to help troubleshoot this issue. It's hard to proceed further without actually looking at what is going on. Since it's working on the WIn7 side, I don't think it's a config issue. We don't have any generic connection issues with Mac either so I'm sure it's a Mac-specific issue. Regards
... View more

Hi Credim, the client has a hostchecker built-in but that only works for client-based connections. When you access the portal for Win/macOS, a separate dissolvable hostcheck agent gets installed and used. This isn't currently available on Linux. Regards
... View more

Hi EoghanC, This may happen if your new provider, Vodafine, has ESP blocked. In that case, Connect Secure should be configured to fall back to SSL. This may explain why it works outside of home. Please check with IT. Regards
... View more

Hi, have you updated your ESAP file? That would help. We are on version 3.2.6. See https://www.pulsesecure.net/techpubs/pulse-connect-secure/esap/3.2.x for details of what is supported. You can find the one for the ESAP file that you're using.
... View more

Pulse Connect Secure is for all enduser devices (Win, macOS, Linux, Android, iOS, ChromeOS, Window Phone, etc). I will send you a private message to get your contact info to help you learn more.
... View more

Hi, if you're looking for a firewall, you'll need to talk to Juniper. The last supported client is 5.1. We have spun out as Pulse Secure since that release and do not officially support/test it with SRX for IPSec connections. If you're looking for a great remote access solution, that you can use Pulse Connect Secure. Please let me know if you want to learn more. Are you currently using the Pulse Client for anything other than connecting to SRX?
... View more